package com.honeybee.cloud.framework.oauth.config;

import com.honeybee.cloud.framework.oauth.error.OauthMssWebResponseExceptionTranslator;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;

/**
 * @Description AuthorizationServerConfig
 * @Author DELL
 * @Create 2018-12-13
 * @Since 1.0.0
 */

public abstract class OauthAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {


    /**
     * ClientDetailsServiceConfigurer
     *
     * @param clients
     * @throws Exception
     */
    @Override
    public abstract void configure(ClientDetailsServiceConfigurer clients) throws Exception;

    @Bean
    public WebResponseExceptionTranslator<OAuth2Exception> webResponseExceptionTranslator() {
        return new OauthMssWebResponseExceptionTranslator();
    }

    /**
     * AuthorizationServerEndpointsConfigurer
     *
     * @param endpoints
     * @throws Exception
     */
    @Override
    public abstract void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception;

    /**
     * <p>注意，自定义TokenServices的时候，需要设置@Primary，否则报错，</p>
     *   @Primary
     *     @Bean
     * @return
     */

    /**
     * DefaultTokenServices
     *
     * @return
     */
    public abstract DefaultTokenServices defaultTokenServices();

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()")
                .allowFormAuthenticationForClients();

    }




}
